Leopard security bug puts Mail users at risk

Programmers have reintroduced a yawning security hole in Leopard, the latest version of Apple's highly regarded operating system, after having patched it more than 20 months ago in an earlier version, a researcher has warned. The bug in Apple Mail makes it possible for attackers to run malicious code on a victim's machine by …

COMMENTS

This topic is closed for new posts.
  1. Chris
    Dead Vulture

    Hmmmm

    And here I thought that OS X was flawless... Sorry Fan boys but this is a worrying discovery... And surprised that /on sarcasm the example company/off sarcasm Apple has yet to release a patch...

    /off topic 2,5 hours without a reaction...

  2. Anonymous Coward
    Flame

    Hello? Anybody There?

    I do hope the lack of comments to this wonderful article (at time of writing), is due to the moderator being down the pub, and not due to the fan boys (and girls, and aliens, and Steve Jobs) deciding to stop arguing.

    /flame mode

    This article amounts to saying that Apple is C$%P come on Mac Buddies, get your rubbish iPhones out and start typing abuse (well as fast as GPRS will let you anyway) otherwise you're stating that Vista is the best OS there is

    Oh and just to get a different argument going, I played with a Mac yesterday and what's with that little scroll nipple on the mouse? It's rubbish, the wheel is far superior

    /flame mode

    There that should do it.

  3. Ben Gibson
    Thumb Up

    hmmmm

    The reporter reports the news, nice. The comment guy bitches about a section of people he doesn't like. Two people doing their jobs well then.

  4. Peter

    limited bad

    It's unfortunate if this has in fact returned.

    But it is fortunate that Mail is sandboxed and so the scope of the bad should be limited.

  5. Derek Hellam

    guess it does not affect everyone

    I'm using Leopard 10.5.1. I ran the heise email check and tried to open the attachment, quickview showed nothing, so I clicked on the email attachment and got the standard security warning:-

    “Heise.jpg” may be an application. It was attached to a mail message and will be opened by Terminal. Are you sure you want to open it?"

    Wonder what version of Leopard he was using? A pre-final?

    @Anonymous Coward

    "Oh and just to get a different argument going, I played with a Mac yesterday and what's with that little scroll nipple on the mouse? It's rubbish, the wheel is far superior"

    Try to learn new things and adapt to the world as it changes. I use both MS Windows, and OSX. Each has its benefits. What I really have never understood is this us and them mentality. It is almost as if these people, zealots on both sides, are socially inadequate, lack confidence and have to continually rant about their product of choice with others, almost because it gives them a sense of superiority over others "look I did right, I purchased the right thing....didn't I?" Superiority by proxy..LOL I do however notice it more amongst those who have never used a Mac for work, but are somehow inspired by their ignorance to make fools of themselves.

    I'll never forget the party I went to in where one group of social inadequates was arguing with another group over the relative merits of 3½" disk drives vs 5¼ disk drives. Nothing ever changes does it?

  6. Dan Goodin (Written by Reg staff)

    @guess it does not affect everyon

    "I'm using Leopard 10.5.1. I ran the heise email check and tried to open the attachment, quickview showed nothing, so I clicked on the email attachment and got the standard security warning:-

    “Heise.jpg” may be an application. It was attached to a mail message and will be opened by Terminal. Are you sure you want to open it?"

    Wonder what version of Leopard he was using? A pre-final?"

    Hey Derek,

    Thanks very much for writing. As noted in the article, the warning fails to run "about 90 percent of the time," with little understanding as to what causes it to display in some cases and not in others.

    I've yet to install Leopard on my MacBook Pro, so I can't test Schmidt's demo. I'd be eager to hear the results other Leopard users get.

  7. Derek Hellam

    @Dan

    I've got Leopard installed on two machines, one a MacBook Pro at work. I'll give it a run there too. Installation was a breeze. The best feature I found is quickview, IMHO Leopard is worth it just for that. My bad, I didn't notice the 90% bit.

  8. Anonymous Coward
    Jobs Horns

    What about 10.4.11

    Apple's latest update to Tiger (which has just been replaced by Leopard) has bricked loads of people's Macs, or slowed them significantly.

    They really need to get their house in order, or this could be interpreted as a devious way to force people to upgrade....

  9. GBW

    All is well here

    I too am using 10.5.1 and have tried the test several times, and every time the message displays noting it as a suspected application and that it would open in the terminal and asks if I really want to open it.

    I wonder if Heise is on 10.5.0. I'm not going to revert to find out if the problem exists prior to the .1 update, though.

  10. Anonymous Coward
    Happy

    @Anonymous Coward

    I feel someone should tell you as you seem unaware -

    I'm sorry mate but your comment smells like ass. (if that's at all possible)

    Hey next time try throwing in a few html type tags or present your thoughts in pseudo code (examples below), your target audience will really dig that!

  11. Ivan Headache

    @Dan & Derek

    10.5.1 here but the terminal window opened!

    This is the first time a security test has failed on one of my macs. What version is your mail?

    Mine is Version 3.1 (914/915)

  12. Anonymous Coward
    Anonymous Coward

    Maybe there is

    Another program facilitating this, possibly a third party application; some few have it, most don't.

  13. Snot Nice
    Coat

    Enterprise Security!?

    Surely this should have been filed under Bootnotes……

  14. John Boyarsky
    Thumb Down

    Hmmmmmmm

    Interesting...

    Wonder how this vulnerability got thru?

    This is pretty serious, though thankfully only to the host machine.

    10.5.1 & Mail 3.1 here.

    Interesting. I expect better than this from Apple.

    Tsk...Tsk...

    John

    Fairbanks, AK

  15. GBW

    @Ivan Headache

    I have the same 3.1 (914/915) version of Mail, but as I noted earlier the security alert is working. I think Anonymous Coward may be correct about a third party application interfering (I had to uninstall a third party app that was causing other applications to randomly crash after upgrading to Leopard), or it could be something with the preference settings within Mail.

  16. Anonymous Coward
    Joke

    Shock Horror

    A vulnerability disguised as a jpg that doesn't warn the user it could be malicious when clicked on?

    Surely that kind of thing only affects us poor windows users?

  17. TeeCee Gold badge
    Thumb Up

    @Snot Nice

    Very clever, very funny. Now explain how I remove the coffee spray from my laptop please?

  18. Danny Traynor

    Bizarre.

    Rather strangely, the first time I clicked on the attachment it executed in terminal. However, subsequent tries always brought up the warning.

    Still, once is enough I suppose.

  19. Bill Fresher
    Jobs Halo

    @Anonymous Coward

    "Oh and just to get a different argument going, I played with a Mac yesterday and what's with that little scroll nipple on the mouse? It's rubbish, the wheel is far superior"

    Well I, for one, like rubbing the nipple on my mouse.

  20. Rich Silver badge

    Highly regarded

    "...Apple's highly regarded operating system..."

    I simply can not get my head round why OS-X is so "highly regarded". Retarded maybe! I have a Mac - it's clonky, the GUI is woefully wanting, the underlying OS (basically a hacked-up BSD) is (**because** it's been hacked up) riddled with undesirable "features". I can only imagine that OS-X is well regarded by those that have no idea what they are doing or what they are talking about.

    But more to the point, why would you want to use Apple's email client? As with Safari, it looks pretty, but it's very limited and inflexible. Thunderbird is FAR more capable and flexible.

  21. Anonymous Coward
    Dead Vulture

    10.5.1 correctly quarantines attachments

    Mac OS X 10.5.1 tags downloaded files as "quarantined". For instance, after receiving Heise's e-mail, listing the contents of my Mail Downloads folder shows:

        $ ls -l@ ~/Library/Mail\ Downloads/
        -rwxr-xr-x@ 1 user group 77 Nov 21 03:35 Heise.jpg
            com.apple.ResourceFork 1338
            com.apple.metadata:kMDItemWhereFroms 189
            com.apple.quarantine 70
        $

    It is not difficult to automate removing the quarantine attribute, so it's worth verifying that this is not happening. On the other hand, checking for this attribute is evidently left to the command opening the file. So, for instance, Darwin's open(1) command issues a warning, but running the file via sh(1) does not.

    The bottom line is that 10.5.1, at least, appears to be doing the right thing.
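
The check suggested in the comment above (verifying that attachments still carry the quarantine attribute) can be run over `ls -l@` output. This is an added example, not part of the original comment: the function names are hypothetical, and the sample listing is constructed, with the first entry mirroring the comment's listing and the other two invented.

```python
import re

QUARANTINE = "com.apple.quarantine"

# Constructed sample of `ls -l@` output. Only Heise.jpg comes from the
# comment; the other two files are invented for illustration.
SAMPLE = (
    "-rwxr-xr-x@ 1 user  group    77 Nov 21 03:35 Heise.jpg\n"
    "\tcom.apple.ResourceFork\t1338\n"
    "\tcom.apple.metadata:kMDItemWhereFroms\t189\n"
    "\tcom.apple.quarantine\t70\n"
    "-rwxr-xr-x@ 1 user  group   512 Nov 21 03:40 Holiday photo.jpg\n"
    "\tcom.apple.metadata:kMDItemWhereFroms\t189\n"
    "-rw-r--r--  1 user  group  2048 Nov 21 03:41 notes.txt\n"
)

# A file line starts with a 10-character mode string, optionally followed
# by '@' (extended attributes present) or '+' (ACL present).
FILE_LINE = re.compile(r"^([-dlbcps][-rwxsStT]{9})[@+]?\s")

def parse_listing(text):
    """Return [{'name', 'mode', 'xattrs'}] parsed from `ls -l@` output."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("total "):
            continue
        match = FILE_LINE.match(line)
        if match:
            # Fields: mode links owner group size month day time name
            name = line.split(None, 8)[8]
            entries.append({"name": name, "mode": match.group(1), "xattrs": set()})
        elif line[0].isspace() and entries:
            # Indented lines list the xattrs of the preceding file.
            entries[-1]["xattrs"].add(line.split()[0])
    return entries

def is_executable(mode):
    """True if any execute bit is set (x, or lowercase s/t which imply x)."""
    return any(mode[i] in "xst" for i in (3, 6, 9))

def unquarantined(text, executables_only=True):
    """Names of files that lack the quarantine attribute."""
    return [
        e["name"]
        for e in parse_listing(text)
        if QUARANTINE not in e["xattrs"]
        and (is_executable(e["mode"]) or not executables_only)
    ]

if __name__ == "__main__":
    for name in unquarantined(SAMPLE):
        print("executable attachment without quarantine flag:", name)
```

On a Mac, the same functions can be fed the real output of the `ls -l@` command shown in the comment instead of `SAMPLE`.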

  22. Francis Vaughan

    2 dimensions

    "Oh and just to get a different argument going, I played with a Mac yesterday and what's with that little scroll nipple on the mouse? It's rubbish, the wheel is far superior"

    Lordy, I must be soooo bored here.......

    A wheel can't scroll sideways. I guess you never realised that the little nipple rolls to the side as well as up and down - i.e. a miniature trackball. You can't do that with a wheel. It takes a little getting used to, but once you do, you get really frustrated when forced to go back to a scroll wheel.

  23. Ivan Headache

    @danny

    Weird.

    I tried it a second time and got the correct warning.

    So why didn't it work the first time!?

  24. Michael
    Flame

    The sound of silence?

    Various sound bites (bytes?) come to mind reading this story.

    I can't get the "losing" sound from The Price Is Right out of my head.

    Then there's always the dude from the Simpsons saying "HAHA!"

    And come on mac fanboys, we know you're just waiting to strike, so in the words of some antiquated rap "music", JUMP ON IT!

    It IS quite humorous that any time there's a story about windows sucking it up, the mac fanboys are right there to say "Get a Mac", but I don't see anyone here saying "Get a PC". And while mac users would say "that's because even pc users know that the mac is still better", I would dare to suggest that it's because in general, PC users aren't fanatical whack-jobs (pun definitely intended) who feel like they have to "convert" everyone from (to?) the dark side.

    Come on kids, flame on, it's oh so entertaining to read!! :)

  25. Anonymous Coward
    Stop

    Platformistas

    I'm once again reminded why I don't usually bother with reading the comments on the Apple & Microsoft articles; any meaningful commentary is drowned by the number of technically-adept and socially-challenged folks (trolls) who don't have a spouse with whom to argue (or have forgotten about their spouse) and are looking to start an argument as a geekish form of entertainment.

    Perhaps there should be a new MUD created that pits the Mac Fanchildren against the Microsoft Arials and the Torvald groupies. They'll have no weapons, they'll just stay in the dingy passages and pointless rooms arguing with one another, with both sides eventually declaring victory or suing one another for defamation in a real court.

    The best part is that no actual experience with opposing platforms is required.

    I think I'll go for a walk outside or make something with my hands rather than reading the blatherings of enraged and bitter sociophobes.

    Signed,

    been-there, done that.

  26. Anonymous Coward
    Flame

    it's all lies

    but MacOSX has no flaws. it's a perfect operating system. I like paying extra cash for nice looking hardware with an OS that limits what I can do.

  27. Phil Arundell
    Thumb Up

    Works fine here

    Leopard 10.5.1 - got the test email and when I clicked on the fake attachment, Mail gave me the following information:

    “Heise.jpg” may be an application. It was attached to a mail message and will be opened by Terminal. Are you sure you want to open it?

    Sounds pretty comprehensively protected to me!
